Paper Session IV: Development and Delivery of Coursework - The Legal/Regulatory/Policy Environment of Cyberforensics

This paper describes a cyber-forensics course that integrates important public policy and legal issues as well as relevant forensic techniques. Cyber-forensics refers to the amalgam of multi-disciplinary activities involved in the identification, gathering, handling, custody, use and security of electronic files and records, involving expertise from the forensic domain, and which produces evidence useful in the proof of facts for both commercial and legal activities. The legal and regulatory environment in which electronic discovery takes place is of critical importance to cyber-forensics experts because the legal process imposes both constraints and opportunities for the effective use of evidence gathered through cyber-forensic techniques. This paper discusses different pedagogies that can be used (including project teams, research and writing assignments, student presentations, case analyses, class activities and participation and examinations), evaluation methods, problem-based learning approaches and critical thinking analysis. A survey and evaluation is provided of the growing body of applicable print and online materials that can be utilized. Target populations for such a course includes students with majors, minors or supporting elective coursework in law, information sciences, information technology, computer science, computer engineering, financial fraud, security and information assurance, forensic aspects of cyber security, privacy, and electronic commerce. Keywords: Cyberforensics; Electronic Data Discovery; Electronic Records Management; Pre-Trial Discovery; Admissibility of Electronic Evidence; Information Assurance, Security and Risk Analysi

Development and Delivery of Coursework: The Legal/Regulatory/Policy Environment of Cyberforensics

This paper describes a cyber-forensics course that integrates important public policy and legal issues as well as relevant forensic techniques. Cyber-forensics refers to the amalgam of multi-disciplinary activities involved in the identification, gathering, handling, custody, use and security of electronic files and records, involving expertise from the forensic domain, and which produces evidence useful in the proof of facts for both commercial and legal activities. The legal and regulatory environment in which electronic discovery takes place is of critical importance to cyber-forensics experts because the legal process imposes both constraints and opportunities for the effective use of evidence gathered through cyber-forensic techniques. This paper discusses different pedagogies that can be used (including project teams, research and writing assignments, student presentations, case analyses, class activities and participation and examinations), evaluation methods, problem-based learning approaches and critical thinking analysis. A survey and evaluation is provided of the growing body of applicable print and online materials that can be utilized. Target populations for such a course includes students with majors, minors or supporting elective coursework in law, information sciences, information technology, computer science, computer engineering, financial fraud, security and information assurance, forensic aspects of cyber security, privacy, and electronic commerce

Electronic Data Discovery: Integrating Due Process into Cyber Forensic Practice

Most organizations and government agencies regularly become engaged in litigation with suppliers, customers, clients, employees, competitors, shareholders, prosecutors or regulatory agencies that nearly assures the need to organize, retain, find and produce business records and correspondence, emails, accounting records or other data relevant to disputed issues. This article discusses some high visibility cases that constrain how metadata and content is routinely made available to opposing parties in civil litigation, to prosecutors in criminal prosecutions and to agency staff in regulatory enforcement litigation. Public policy, as implemented in the rules of evidence and pretrial discovery, restrict electronic data discovery (EDD) as it becomes a predominant and potentially costly pre-trial activity pivotal to modern litigation. This article discusses these constraints while identifying opportunities for the interdisciplinary activities among litigators, forensic experts and information technology professionals

Electronic Data Discovery: Integrating Due Process into Cyber Forensic Practice

Most organizations and government agencies regularly become engaged in litigation with suppliers, customers, clients, employees, competitors, shareholders, prosecutors or regulatory agencies that nearly assures the need to organize, retain, find and produce business records and correspondence, e-mails, accounting records or other data relevant to disputed issues. This article discusses some high visibility cases that constrain how metadata and content is routinely made available to opposing parties in civil litigation, to prosecutors in criminal prosecutions and to agency staff in regulatory enforcement litigation. Public policy, as implemented in the rules of evidence and pretrial discovery, restrict electronic data discovery (EDD) as it becomes a predominant and potentially costly pre-trial activity pivotal to modern litigation. This article discusses these constraints while identifying opportunities for the interdisciplinary activities among litigators, forensic experts and information technology professionals.</p

Development and Delivery of Coursework: The Legal/Regulatory/Policy Environment of Cyberforensics

This paper describes a cyber-forensics course that integrates important public policy and legal issues as well as relevant forensic techniques. Cyber-forensics refers to the amalgam of multi-disciplinary activities involved in the identification, gathering, handling, custody, use and security of electronic files and records, involving expertise from the forensic domain, and which produces evidence useful in the proof of facts for both commercial and legal activities. The legal and regulatory environment in which electronic discovery takes place is of critical importance to cyber-forensics experts because the legal process imposes both constraints and opportunities for the effective use of evidence gathered through cyber-forensic techniques. This paper discusses different pedagogies that can be used (including project teams, research and writing assignments, student presentations, case analyses, class activities and participation and examinations), evaluation methods, problem-based learning approaches and critical thinking analysis. A survey and evaluation is provided of the growing body of applicable print and online materials that can be utilized. Target populations for such a course includes students with majors, minors or supporting elective coursework in law, information sciences, information technology, computer science, computer engineering, financial fraud, security and information assurance, forensic aspects of cyber security, privacy, and electronic commerce.</p

Risk Management of Email and Internet Use in the Workplace

The article surveys the changing risk environment for corporations from their employees electronic communications. It identifies the types of liabilities thatcorporations can incur from such communications. It presents the objectives of corporate internet use policies and the types of provisions such policies should contain. It suggests an alternative risk-based approach to corporate acceptable use policies instead of atraditional “laundry list†of internet use prohibitions